Skip to main content

Documentation Index

Fetch the complete documentation index at: https://mintlify.com/aipoch/open-science/llms.txt

Use this file to discover all available pages before exploring further.

Open Science keeps humans in the loop by pausing agent execution whenever a tool call requires explicit approval. When the agent attempts a tool call that needs confirmation, execution halts and a permission request card appears inline above the composer in the conversation panel. The agent waits until you respond before proceeding.

How Permissions Work

When the agent wants to use a tool that requires confirmation, the AcpPermissionBroker receives a requestPermission call from the ACP runtime. The broker assigns a unique requestId, stores the pending request, and emits it to the renderer via an IPC event. The conversation panel picks up the pending request and renders an approval card. The agent’s execution is suspended — the Promise returned by requestPermission does not resolve until the renderer calls respond with either a chosen optionId or a cancellation signal.

Permission Request Structure

Each pending request exposed to the UI is an AcpPermissionRequest:
FieldTypeDescription
requestIdstringUnique identifier assigned by the broker when the request was created
sessionIdstringThe ACP session whose execution is paused awaiting this decision
toolCallIdstringThe specific tool call from the agent that triggered the request
titlestringHuman-readable description of the action being requested
statusstring?Optional status string provided by the tool call
optionsAcpPermissionOption[]One or more choices the user can make (see below)
rawunknownThe complete original RequestPermissionRequest from the ACP SDK
Each option in the options array is an AcpPermissionOption with these fields:
FieldTypeDescription
optionIdstringOpaque identifier sent back to the broker when this option is chosen
namestringDisplay name shown on the button (overridden by the UI for known kinds)
kindstringProtocol semantic: allow_always, allow_once, reject_always, reject_once, or a custom string

Approval Card UI

Permission request cards are rendered above the composer in an amber-colored card. Each card shows the title of the request and a row of option buttons. Buttons are sorted in a fixed order — Always first, then Allow once, then Reject, then any custom options. The display labels for standard option kinds are normalized by the UI regardless of the raw name field:
kindButton label
allow_alwaysAlways
allow_onceAllow once
reject_alwaysReject
reject_onceReject
anything elseThe raw name from the option
A Cancel button is always shown at the end of the option row.

Responding to a Permission Request

1

Review the request

Read the title displayed in the amber card to understand what action the agent is asking to perform. For full transparency, the card also carries the raw tool call details in the raw field, accessible via developer tools.
2

Choose an option

Click one of the option buttons (e.g. Always, Allow once, Reject) to approve with that choice. The broker resolves the pending Promise with outcome: 'selected' and the chosen optionId, and the agent resumes execution.
3

Cancel the request

Click Cancel to abort the tool call without selecting any option. The broker resolves the Promise with outcome: 'cancelled', and the agent receives a cancellation signal instead of an approval.
The permission card’s title field comes directly from the agent’s tool call metadata. It is designed to give you a plain-language description of the action — for example, “Run a shell command: pip install pandas”. You can always choose Reject or Cancel if you are uncertain.

Cascading Cancellation

The AcpPermissionBroker handles two teardown scenarios automatically:
  • Session deleted: cancelForSession(sessionId) cancels every pending request associated with that session while leaving other sessions’ pending requests intact.
  • Full runtime shutdown: cancelAll() cancels every pending request across all sessions.
In both cases the affected pending Promises resolve with outcome: 'cancelled', allowing the runtime to clean up gracefully.
Closing the app or navigating away from the workspace while a permission request is pending will leave the agent session in a suspended state. The request will be cancelled when the runtime tears down, but any in-progress work in that session will not be completed. Always respond to pending requests before closing a session.

Build docs developers (and LLMs) love